This is the Privacy Policy of Century City Conference Centre and Hotel Proprietary Limited (we or us). This Privacy Policy applies to the personal information of visitors to our conference centre, hotel and restaurant (Square Cafe and Wine Bar) websites, available at http://ccconferencecentre.co.za/, https://www.cchotel.co.za/ and https://squarecafe.co.za/ (Websites) and to hotel guests, conference organisers and delegates and restaurant customers who engage with us in any way (collectively you).

We respect your privacy rights and comply with all laws in respect of the handling of personal information, including collection, use, storage, sharing and disposal. This Privacy Policy aims to help you understand how we handle your personal information.

This Privacy Policy does not apply to any third party websites which may be accessible through links on the Websites. We make no representations or warranties about the privacy practices of any third party and do not accept any responsibility for the privacy practices of, or content displayed on, third party websites. Third party website providers are responsible for informing users about their own privacy practices.

We may need to change or update this Privacy Policy from time to time. Updated versions will be posted on the Websites and will be effective from the date of posting. This Privacy Policy was last updated on 9th October 2018.

1 What personal information do we handle and why?

1.1 When used in this Privacy Policy, the term “personal information” has the meaning given to it in the Protection of Personal Information Act, 2013 (POPI). Generally speaking, personal information is any information that can be used to personally identify a natural or juristic person. If the information that we collects personally identifies you or a third party, or you or third parties are reasonably identifiable from it, we will treat it as personal information.

1.2 If you organise a conference at Century City Conference Centre or book accommodation at Century City Hotel on behalf of guests, we will collect your company details, payment information (credit card or bank details) and any other information which is necessary to organise and facilitate your conference and book the accommodation.

1.3 If you provide us with personal information of third parties, please make sure that you are authorised to do so.

1.4 If you stay at Century City Hotel, we are required by law (the Immigration Act, 2002 and regulations) to insert your details in our register of hotel guests, including your full name and surname, a copy of your ID or passport, your ID or passport number, residence status in South Africa, normal residential address and signature. When making a reservation on your own behalf, we will also collect your contact details and payment information (your credit card or bank details), as well as any other information you provide to us in connection with your hotel stay.

1.5 If you make a reservation at Square Cafe and Wine Bar, we will collect your name and contact details, as well as your credit or debit card information when you make a card payment.

1.6 If you contact us with an enquiry, we may require personal information from you in order to respond to your enquiry effectively.

2 How do we collect your personal information?

We collect your personal information in various ways, namely:

(1) through your access to and use of the Websites;
(2) from your company or third party conference organisers or travel agents which make bookings on your behalf;
(3) when you attend a conference, book accommodation, stay at the hotel or visit the restaurant;
(4) from publically available sources such as social media; and
(5) when you communicate with us in any way.

3 What happens if we are not permitted to collect your personal information?

All personal information provided by you is provided voluntarily. However, if you do not provide us with personal information where we requires it, you may not be able to organise or attend your conference or make a hotel reservation. In particular, you will not be able to check into the hotel if you do not provide the information we are required by law to include on our guest register.

4 For what purposes do we handle user personal information?

We store your personal information and handle it for the purposes of:

(1) carrying out any actions necessary to organise and facilitate the conference you are organisation or attending, to make your hotel reservation and/or to facilitate your stay at the hotel;
(2) improving our services and communications to customers;
(3) complying with our obligations in terms of the Immigration Act, 2002 and regulations and other applicable laws;
(4) updating our records;
(5) processing and responding to any correspondence or enquiries;
(6) marketing, subject to clause 7.

5 Who do we disclose your personal information to?

5.1 We may disclose your personal information to:

(1) our employees, affiliates, contractors or third party service providers in connection with the Website or the operation of our conference centre and hotel;
(2) our insurers and professional advisors, including our accountants, lawyers, business advisors and consultants;
(3) new colleagues and the manager of any entity through which they operate if we merge, combines or divests a part of our business;
(4) law enforcement or regulatory bodies as required by law; and
(5) any other juristic or natural person for any authorised purpose with your express consent.

5.2 The booking engine on our hotel Website (https://www.cchotel.co.za/) is provided by our third party service provider, Pegasus, whose privacy statement is available here.

5.3 We undertake never to sell your personal information.

6 Do we disclose your personal information to anyone outside South Africa?

6.1 Your personal information may need to be transferred to, or stored with, our service providers located outside of South Africa for some of the purposes listed above.

6.2 Where your personal information is transferred outside of South Africa, we will take all reasonable steps to ensure that it receives a similar or higher level of protection as that which it receives in South Africa.

7 Marketing

7.1 We may handle your personal information to send you details of our services. These communications may be sent in various forms (including by post and by email) in accordance with applicable marketing laws. If you indicate a preference for a method of communication, we will endeavour to use that method where it is practical to do so.

7.2 If you subscribe to our newsletters, we will handle your personal information in order to send them to you.

7.3 All of these communications will include information detailing the process of unsubscribing from (or opting out of) receiving the communications if you no longer wish to receive promotional material from us.

8 Cookies

8.1 When you visit the Websites (including the booking engine on our hotel Website), we and our service providers may make use of “cookies” to automatically collect information and data about you. “Cookies” are small text files used by websites or other platforms to recognise repeat users, facilitate users’ on-going access to and use of a website or other platforms and allow the website or other platform to track usage behaviour and compile aggregate data that will allow the website or platform operator to improve the functionality of the website or platform and its content. The type of information collected by cookies is not used to personally identify users. If you do not want information collected by means of cookies, you should disable the use of cookies in your web browser. Cookies may, however, be necessary to provide you with certain features available on the Websites and if you disable cookies you may not be able to use those features.

8.2 As the Websites are accessible via the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of the transmission of information you communicate to us online. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

9 Security and data quality

9.1 We may hold your personal information in either electronic or hard copy form. In both cases, we take reasonable and appropriate steps to ensure that the personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.

9.3 Personal information is destroyed or de-identified when no longer needed or when we are no longer required by law to retain it (whichever is the later).

10 How can you access and correct your personal information?

10.1 You have the right to contact us at any time requesting:

(1) confirmation that we have your personal information;
(2) access to the records containing your personal information or a description of the personal information that we hold about you; and
(3) the identity or categories of third parties who have had, or currently have, access to your personal information.

10.2 When making a request, we require adequate proof of your identity which will include providing a certified copy of your identity / registration documents.

10.3 We will try to provide users with suitable means of accessing information, where you are entitled to it, by for example, posting or emailing it to you.

10.4 There may be instances where we cannot grant users access to personal information. For example, if their access would interfere with the privacy of others or would result in a breach of confidentiality, we may need to refuse access. If we refuse access, we will give written reasons for the refusal.

10.5 If you believe that any personal information that we hold about you is inaccurate, irrelevant, outdated, incomplete or misleading, you may ask us to correct it. If you believe that any personal information that we hold about you is excessive or has been unlawfully obtained or that we are no longer authorised to retain the information, you may ask us to destroy or delete it. We will consider if the information requires correction, deletion or destruction and if we do not agree that there are grounds for action, you may ask us to add a note to the personal information stating that you disagree with it.

10.6 We may charge a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request or for making any corrections to the personal information.

11 Unlawful access to your personal information

11.1 If you believe that your personal information has been unlawfully accessed or acquired, you may contact us using the contact information below and provide details of the incident so that we can investigate it.

11.2 We will treat your complaints confidentially (unless otherwise required by law), investigate those complaints and aim to ensure that those complaints are resolved within a reasonable time.

12 Changes to your personal information

Should your personal information change, please inform us and provide us with all changes as soon as reasonably possible to enable us to update it.

13 Contact information

If you have any questions about this Privacy Policy or any general concerns or would like to lay a complaint regarding the treatment of your personal information, you may contact our Information Officer using the details set out below.